The end of June 2017. The network HBO, responsible for some of the world’s most successful series, spots something worrying: emails from its executives and even scripts for its most legendary series, Game of Thrones, are being leaked online.
Shortly afterwards, the company receives a warning from someone who claims to have stolen 1.5 terabytes of confidential material: unreleased Game of Thrones scripts, episodes of the series, plot summaries, and content from other shows, such as Curb Your Enthusiasm, and The Deuce among others.
A 6 million dollar ransom in bitcoin
The cybercriminal threatened to release all the material in his possession, and set his price: 6 million dollars. HBO had a deadline of three days to pay the bitcoin ransom, otherwise the 1.5 terabytes would be released. Part of the material was indeed released, but just a fraction of it. How much HBO paid is still unknown (if indeed they paid anything).
The person responsible for shaking the foundations of the TV industry went by the name of Skote Vahshat. But now we know his real name. He is an Iranian national called Behzad Mesri, who, since then, has been on the FBI’s list of most wanted cybercriminals.
A 100 million dollar theft
This FBI list is a collection of some of the most notorious and dangerous criminals in the IT world. Among the names on the list is Evgeniy Mikhailovich Bogachev, better known as Slavik, the developer of Zeus, a piece of malware that was capable of obtaining bank account numbers and the passwords necessary to access them.
Slavik left a long list of victims in his wake: at the height of his activity, Russia’s premier cybercriminal managed to amass over 100 million dollars in a series of crimes against the corporate cybersecurity of several companies, such as Oracle and Bank of America, and even managed to obtain information from the US Department of Transport and NASA.
46 financial institutions brought down
Large banks aren’t safe from this type of crime either. Between 2011 and 2013, seven Iranian citizens (Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar y Nader Saedi) devoted themselves to carrying out distributed denial-of-service (DDoS) attacks against a plethora of US banks, managing to crash their websites and endanger their cybersecurity.
The seven cybercriminals weren’t exactly acting alone. In the ensuing police investigation, it was revealed that all of them worked for the companies ITSec Team and Mersad, two private companies that are frequently contracted by the Iranian government.
The result? No fewer than 46 US banks and financial institutions suffered a total of 176 days of cyberattacks. These companies lost tens of millions of dollars. They of course had to face the cost of tackling (or mitigating) the attacks, but there was also the cost of the subsequent compensation for their clients due to the downtime of almost all of their services.
How to protect corporate cybersecurity
There is no doubt that this kind of cybercrime puts the companies that it hits in a tight spot. But it also affects those that haven’t been exposed to it, but are worried about finding themselves in the same situation at some point in the future. As a consequence, institutions must act on two fronts to protect their corporate cybersecurity.
1.- Prevention. The best way to protect against a cyberattack is to be prepared. Companies should therefore establish measures that, even if they don’t entirely eliminate the risk, help to minimize it. In this sense, it’s vital to have advanced cybersecurity solutions in place that establish the firewalls that are necessary to keep out all kinds of intruders. This is exactly what Panda Adaptive Defense does. In any case, companies need to make employees aware of cybersecurity protocol. This includes not trusting unsolicited emails and not downloading attachments unthinkingly. They also need to know who to turn to if they have any doubts, so as not to put the company’s IT security at risk.
2.- Reaction. When a group of cybercriminals has the knowledge, the resources, and the time needed to attack a company’s cybersecurity, it’s not always easy to keep it from happening. For this reason, companies should also have an action protocol in place for the moment they become aware of an attack. They will then proceed to close as many channels of communication as possible, try to locate the focal point of the problem, and find a solution.
The level of sophistication of the attacks carried out by the FBI’s most wanted cybercriminals is a challenge to corporate cybersecurity, and is yet another reason for organizations to invest in measures to make themselves more cyber-resilient. At Panda Security, we have at our disposal the latest technology as well as the most highly skilled team of experts to help your company to achieve this goal, with a new security model that has all the answers.